-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathvalues-global.yaml
More file actions
36 lines (35 loc) · 1.44 KB
/
values-global.yaml
File metadata and controls
36 lines (35 loc) · 1.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
global:
pattern: coco-pattern
secretStore:
# Warning: This must be present even if it is set to none.
backend: vault # none, vault, kubernetes
options:
useCSV: false
syncPolicy: Automatic
installPlanApproval: Automatic
autoApproveManualInstallPlans: true
# This defines whether or not to use upstream resources for CoCo.
# Defines whether or not the hub cluster can be used for confidential containers
coco:
securityPolicyFlavour: "insecure" # insecure, signed or reject is expected.
secured: true # true or false. If true, the cluster will be secured. If false, the cluster will be insecure.
# Enable SSH key injection into podvm for debugging. Do not enable in production.
# Also requires: COCO_ENABLE_SSH_DEBUG=true ./scripts/gen-secrets.sh
# and uncommenting the sshKey block in values-secret.yaml.template.
enableSSHDebug: false
azure:
defaultVMFlavour: "Standard_DC2as_v5"
VMFlavours: "Standard_DC2as_v5,Standard_DC4as_v5,Standard_DC8as_v5,Standard_DC16as_v5"
main:
# WARNING
# This default configuration uses a single cluster on azure.
# It fundamentally violates the separation of duties.
clusterGroupName: simple
multiSourceConfig:
enabled: true
clusterGroupChartVersion: 0.9.*
# Common secret store configuration used across multiple charts
# Warning do not rely on this. it does not consistently apply.
secretStore:
name: vault-backend
kind: ClusterSecretStore